The present invention relates to an electronic data storage system, and more specifically to an electronic data storage apparatus, system, and method for safely protecting electronic data against illegal amendment and deletion while maintaining sufficient legal evidence of the electronic data.
Conventionally, the first method of storing electronic data reliably is to use a trusted third party (TTP) and entrust the electronic data to it. FIG. 1 shows a data reliability guarantee system based on a TTP.
In FIG. 1, the TTP stores data bearing the electronic signatures of, for example, A and B, so that the data serves as a reliable agreement between A and B. The electronic signatures indicating the agreement of A and B can be realized by RSA, a public key cryptosystem based on the difficulty of factoring into prime numbers, by elliptic curve cryptography, or by an individual key shared by the TTP, A, and B. In this arrangement, when the electronic data is stored by the TTP, A cannot deny to B that A agreed with the electronic data, because the data bearing the electronic signature of A is held by the TTP, even if A later insists that A did not agree with it.
FIG. 2 shows the situation in which a large volume of electronic data is stored by the TTP. In a system using a TTP, each time a transaction such as a contract between A and B occurs, the data of that contract must be stored. As the number of transactions increases, the volume of electronic data to be stored grows greatly. Apart from the problem of maintaining the reliability of a document, the electronic data is stored for each transaction so that B cannot deny the fact that A and B agreed with the electronic data, that is, so that the agreement cannot be denied later. This concentrates data at the TTP. It is therefore desirable that the reliability of the data be guaranteed while the data is distributed for storage, so that the data of all transactions is not concentrated in one place.
FIG. 3 shows the need for both network security and data security in order, for example, to store and transmit electronic data with sufficient legal evidence maintained. In FIG. 3, network security can be realized by encrypting data, presenting identification, and transmitting the electronic data with electronic signatures to prevent illegal amendment in transit. However, even if the transferred data is stored as a certificate with its accompanying electronic signatures on, for example, floppy disks, the security of the data cannot be guaranteed if the stored data is illegally amended or deleted. Therefore, the security of the stored electronic data must also be guaranteed.
FIG. 4 shows the second method, in which electronic data is stored on paper while sufficient legal evidence of the electronic data is maintained. As shown in FIG. 4, data such as a corporation's contracts, a final return filed with a government office, or a patient's card in a hospital must be legally retained for a predetermined period. When such data is managed on a medium such as a hard disk or a floppy disk, it can be illegally amended or deleted. Therefore, according to the conventional technology, the data has had to be printed on paper for storage. Under such circumstances, the security of electronic data should be guaranteed to the same degree as that of data printed on paper.
FIG. 5 shows the four conditions that an electronic data storage system must satisfy in order to provide the security of data stored on paper, together with the ability to retrieve the data. The first condition concerns retention: for the retention period, the data must be stored in a restorable state. The second condition concerns correctness: the data must be retrieved as correct data. The third condition concerns readability: the contents of the data must be readable whenever necessary. The fourth condition concerns legal evidence: the data must be maintained with legal evidence usable in a trial.
These four conditions are required of an electronic data storage system in order to obtain the security provided by data written on paper.
As described above, the first conventional method, in which electronic data is entrusted to a TTP, has the problem that the storage capacity and performance of the TTP are limited because the electronic data is concentrated on the TTP, and the problem that the reliability of the data is not guaranteed when, for example, an electronic signature is realized by a shared individual key and that key is accidentally lost.
In the second method, in which electronic data is printed and stored on paper, there are problems concerning the space required to store the paper and the labor required to search for necessary data and re-enter it when the data is reused. These operations are labor-intensive, costly, and inefficient.
The present invention aims at realizing an electronic data storage apparatus capable of distributing and managing electronic data while maintaining the security and legal evidence of the electronic data; realizing an electronic data storage system capable of distributing electronic data and storing it in a plurality of electronic data storage apparatuses, with an authorization organization guaranteeing the reliability of the electronic data storage apparatuses; and providing a method of storing electronic data whose security can be guaranteed by the electronic data storage apparatus.
According to the first embodiment of the present invention, the electronic data storage apparatus 1 includes a data storage device, an authentication information generation device, and an authentication information data output device.
The data storage device stores electronic data. The authentication information generation device generates authentication information for use in verifying the correctness of the electronic data stored in the data storage device. When the authentication information data output device outputs the electronic data stored in the data storage device to an external unit, it adds to the electronic data the authentication information generated for that data and outputs the result.
The electronic data storage apparatuses function independently and authenticate one another. To establish the reliability of the electronic data, authentication information is generated by which any illegal amendment to the electronic data can be detected. The electronic data, provided with its authentication information, is transferred between electronic data storage apparatuses.
Thus, an electronic data storage apparatus can be realized with the electronic data secured and managed in a distributed manner.
The electronic data storage apparatus according to the first embodiment of the present invention can perform the following basic processes using a master key, by providing a master key storage device that stores a master key common to a plurality of electronic data storage apparatuses.
The first process performed using the master key is mutual authentication, through which electronic data storage apparatuses that store distributed electronic data authenticate one another. After mutual authentication, the stored electronic data can be transferred.
The second process performed using the master key is to generate authentication information for use in verifying that the data has not been amended, and to output the electronic data provided with the authentication information, as authentication information data, to a unit external to the electronic data storage apparatus.
The third process performed using the master key is to verify, using the master key, the authentication information of electronic data that is input from outside with authentication information attached, and to store the data in the data storage device only when it is confirmed that no illegal processing has been performed on the data.
The fourth process performed using the master key is to generate, using the master key, a storage certificate certifying that the electronic data has been stored, once the correctness of the authentication information data has been verified and the electronic data has been stored.
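The four master-key processes above, modelled in Python as an added example; this is not the patent's own design or code. It assumes that the authentication information is an HMAC-SHA256 over the data and its identifiers, that mutual authentication is a nonce challenge-response under the same master key, and that the storage certificate is a master-key MAC over a short record. The apparatus names, record layout and sample contract text are constructed for the example.

```python
import hashlib
import hmac
import os

# Hypothetical model of the first embodiment: every authorized apparatus holds the
# same master key, and the "authentication information" is an HMAC-SHA256 over the
# data and the identifiers that name it (constructed design, not the patent's format).


def make_auth_info(master_key: bytes, apparatus_id: str, data_id: str, data: bytes) -> bytes:
    # Length-prefixing each field prevents two different (id, data) pairs from
    # producing the same byte string under the MAC.
    msg = b"".join(len(f).to_bytes(4, "big") + f
                   for f in (apparatus_id.encode(), data_id.encode(), data))
    return hmac.new(master_key, msg, hashlib.sha256).digest()


class Apparatus:
    def __init__(self, apparatus_id: str, master_key: bytes):
        self.apparatus_id = apparatus_id
        self.master_key = master_key
        self.store = {}  # data_id -> bytes

    # Process 1: mutual authentication by challenge-response under the master key.
    def challenge(self) -> bytes:
        return os.urandom(16)

    def respond(self, challenger_id: str, nonce: bytes) -> bytes:
        # Binding the challenger's id into the response stops a reflected reply.
        return hmac.new(self.master_key, challenger_id.encode() + nonce, hashlib.sha256).digest()

    def check_response(self, nonce: bytes, response: bytes) -> bool:
        expected = hmac.new(self.master_key, self.apparatus_id.encode() + nonce,
                            hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

    # Process 2: output stored data together with its authentication information.
    def output(self, data_id: str) -> dict:
        data = self.store[data_id]
        return {"apparatus_id": self.apparatus_id, "data_id": data_id, "data": data,
                "auth_info": make_auth_info(self.master_key, self.apparatus_id, data_id, data)}

    # Process 3: verify on input and store only if no amendment is detected.
    # Process 4: on successful storage, issue a storage certificate under the master key.
    def accept(self, record: dict):
        expected = make_auth_info(self.master_key, record["apparatus_id"],
                                  record["data_id"], record["data"])
        if not hmac.compare_digest(expected, record["auth_info"]):
            return None  # illegal amendment, or data not made under the master key
        self.store[record["data_id"]] = record["data"]
        body = f"stored|{self.apparatus_id}|{record['data_id']}".encode()
        return {"body": body, "tag": hmac.new(self.master_key, body, hashlib.sha256).digest()}


def mutual_authenticate(a: Apparatus, b: Apparatus) -> bool:
    na, nb = a.challenge(), b.challenge()
    ra = b.respond(a.apparatus_id, na)  # b answers a's challenge
    rb = a.respond(b.apparatus_id, nb)  # a answers b's challenge
    return a.check_response(na, ra) and b.check_response(nb, rb)


def verify_storage_certificate(master_key: bytes, cert: dict) -> bool:
    expected = hmac.new(master_key, cert["body"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert["tag"])


def demo() -> dict:
    master = os.urandom(32)  # constructed: the key an authorization organization would issue
    a, b = Apparatus("EDS-A", master), Apparatus("EDS-B", master)
    rogue = Apparatus("EDS-X", os.urandom(32))  # never authorized: holds a different key
    a.store["EDS-A/0001"] = b"contract between A and B, 1999-04-01"  # constructed sample
    record = a.output("EDS-A/0001")
    cert = b.accept(record)
    tampered = dict(record, data=record["data"].replace(b"1999", b"1998"))
    return {
        "peers_authenticate": mutual_authenticate(a, b),
        "rogue_rejected": not mutual_authenticate(a, rogue),
        "stored_on_b": b.store.get("EDS-A/0001") == record["data"],
        "certificate_valid": verify_storage_certificate(master, cert),
        "tampered_refused": b.accept(tampered) is None,
        "rogue_cannot_verify": rogue.accept(record) is None,
    }


if __name__ == "__main__":
    print(demo())
```

Because the master key is shared by every authorized apparatus, a verified MAC proves only that the record was produced by some holder of the master key; it does not identify which one, which is why the individual-key certificates described next are needed to settle disputes between two apparatuses.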
Each electronic data storage apparatus can also be provided with a unique individual key. Using the individual key, a data transfer request certificate, a storage certificate, and a storage certificate receipt certificate can be generated for use in, for example, preventing the denial of data storage.
That is, when data is transferred, for example, from an electronic data storage apparatus A to an electronic data storage apparatus B, three certificates are exchanged. A data transfer request certificate, certifying that a transfer request has been issued, is transmitted from apparatus A to apparatus B. A storage certificate, certifying that the data has been stored, is transmitted from apparatus B to apparatus A. A storage certificate receipt certificate, certifying that the storage certificate has been received, is transmitted from apparatus A to apparatus B. Since it can be proved afterwards from these certificates that the electronic data has been transferred and stored, the problem of denial between apparatuses A and B, which the conventional TTP cannot solve, is solved.
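The three-certificate exchange, as an added example that is not part of the patent text. It assumes that each apparatus certifies with an HMAC-SHA256 under its own individual key, that each certificate names the one it answers by hash so the three form a chain, and that the party auditing a dispute later (for instance the authorization organization) holds every apparatus's individual key; with only HMAC, the auditor must be trusted, and a digital signature would be used where the verifier must not be able to forge. Certificate fields, names and data ids are constructed.

```python
import hashlib
import hmac
import json

# Hypothetical model of the certificate exchange between apparatus A and apparatus B.
# Each apparatus certifies under its own individual key; the auditor is assumed to hold
# both keys.  Field names and the chaining rule are constructed for this example.


def canonical(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue(kind: str, issuer: str, counterpart: str, data_id: str,
          key: bytes, prev: dict = None) -> dict:
    # Each certificate carries the hash of the one it answers, so the three link up.
    body = {"kind": kind, "issuer": issuer, "counterpart": counterpart, "data_id": data_id,
            "prev": hashlib.sha256(canonical(prev["body"])).hexdigest() if prev else ""}
    return {"body": body, "tag": hmac.new(key, canonical(body), hashlib.sha256).hexdigest()}


def verify(cert: dict, keys: dict) -> bool:
    key = keys.get(cert["body"]["issuer"])
    if key is None:
        return False
    expected = hmac.new(key, canonical(cert["body"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, cert["tag"])


def transfer(data_id: str, key_a: bytes, key_b: bytes) -> list:
    """A transfers data_id to B; returns the three certificates both sides retain."""
    request = issue("transfer_request", "A", "B", data_id, key_a)               # A -> B
    storage = issue("storage", "B", "A", data_id, key_b, prev=request)          # B -> A
    receipt = issue("storage_receipt", "A", "B", data_id, key_a, prev=storage)  # A -> B
    return [request, storage, receipt]


EXPECTED = [("transfer_request", "A", "B"), ("storage", "B", "A"), ("storage_receipt", "A", "B")]


def audit(chain: list, keys: dict) -> bool:
    """Later proof that the transfer and storage took place: every certificate must
    verify under its issuer's key, appear in the expected order, name the same data,
    and link to the certificate before it."""
    if len(chain) != 3:
        return False
    data_id = chain[0]["body"]["data_id"]
    prev_hash = ""
    for cert, (kind, issuer, counterpart) in zip(chain, EXPECTED):
        b = cert["body"]
        if (b["kind"], b["issuer"], b["counterpart"]) != (kind, issuer, counterpart):
            return False
        if b["data_id"] != data_id or b["prev"] != prev_hash or not verify(cert, keys):
            return False
        prev_hash = hashlib.sha256(canonical(b)).hexdigest()
    return True


def demo() -> dict:
    keys = {"A": b"individual-key-of-A (constructed)", "B": b"individual-key-of-B (constructed)"}
    genuine = transfer("EDS-A/0001", keys["A"], keys["B"])

    # A tries to manufacture evidence of a storage B never acknowledged: A lacks B's key,
    # so the "storage" certificate cannot verify under B's key.
    req2 = issue("transfer_request", "A", "B", "EDS-A/0002", keys["A"])
    fake_storage = issue("storage", "B", "A", "EDS-A/0002", keys["A"], prev=req2)
    forged = [req2, fake_storage,
              issue("storage_receipt", "A", "B", "EDS-A/0002", keys["A"], prev=fake_storage)]

    # Altering the data id inside a retained storage certificate breaks its tag and the chain.
    altered = json.loads(json.dumps(genuine))
    altered[1]["body"]["data_id"] = "EDS-A/0009"

    return {"genuine": audit(genuine, keys), "forged_by_a": audit(forged, keys),
            "altered": audit(altered, keys)}


if __name__ == "__main__":
    print(demo())
```

Each side keeps the full chain: B's storage certificate refutes a later claim by B that nothing was stored, and A's receipt certificate refutes a claim by A that it never learned of the storage.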
Furthermore, according to the first embodiment of the present invention, electronic data storage apparatus identification information uniquely identifying an electronic data storage apparatus can be assigned to each electronic data storage apparatus, or electronic data identification information, related to the identification information of the electronic data storage apparatus which stores the electronic data, can be assigned to each piece of electronic data. Therefore, among a plurality of electronic data storage apparatuses sharing a common master key, the apparatus which stores a given piece of electronic data can be located.
In the electronic data storage system according to the second embodiment, an authorization device for authorizing a plurality of electronic data storage apparatuses is provided in addition to the plurality of electronic data storage apparatuses. The authorization device includes a specification check device which checks the specification of an electronic data storage apparatus and authorizes the apparatus when the specification meets predetermined conditions. Thus, the reliability of each electronic data storage apparatus can be guaranteed by the authorization device, and the electronic data is distributed for storage among a plurality of electronic data storage apparatuses.
According to the second embodiment of the present invention, a master key common to the plurality of electronic data storage apparatuses, and electronic data storage apparatus identification information uniquely identifying each electronic data storage apparatus, can be assigned to each of the electronic data storage apparatuses. Furthermore, the electronic data stored in an electronic data storage apparatus can be assigned electronic data identification information associated with the identification information of that apparatus, so that the electronic data can be associated with its authentication information and uniquely identified.
When electronic data is transferred from one electronic data storage apparatus to another, the electronic data can be transferred together with authentication information which is generated using the master key and associated with information indicating whether the electronic data is the original data or a copy of the original, with the source and destination electronic data storage apparatus identification information, with its history, and so on. Therefore, the original electronic data can be located and managed.
Thus, according to the second embodiment of the present invention, authentication information can be generated, using a master key assigned by the authorization function, by the electronic data storage apparatus which stores the electronic data. Therefore, by verifying the authentication information with the master key, it can be confirmed that the data is stored in an electronic data storage apparatus authorized by the authorization function, thereby guaranteeing the reliability of the data.
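The second embodiment's authorization device, identification scheme and original/copy tracking, modelled together in Python as an added example that is not the patent's own code. It assumes a constructed specification checklist, apparatus ids of the form EDS-0001 handed out by the authorization device together with the common master key, data ids that embed the id of the apparatus holding the original, and an HMAC-SHA256 over the data together with its status, source, destination and history. All names, specification items and sample data are constructed.

```python
import hashlib
import hmac
import os

# Hypothetical model of the second embodiment.  The authorization device checks a
# specification and then issues the common master key and an apparatus id; data ids
# embed the id of the apparatus that holds the original; every transfer record binds
# original/copy status, source, destination and history under the master-key MAC.

FIELDS = ("data_id", "status", "source", "dest", "history", "data")
MIN_KEY_BITS = 256  # constructed requirement, one of the "predetermined conditions"


class AuthorizationDevice:
    def __init__(self):
        self.master_key = os.urandom(32)
        self.registry = {}  # apparatus_id -> accepted specification

    def authorize(self, spec: dict):
        """Specification check: every required item must be met, else no authorization."""
        ok = (spec.get("tamper_evident_log") is True
              and spec.get("secure_key_store") is True
              and spec.get("key_bits", 0) >= MIN_KEY_BITS)
        if not ok:
            return None
        apparatus_id = f"EDS-{len(self.registry) + 1:04d}"
        self.registry[apparatus_id] = spec
        return apparatus_id, self.master_key


def mac(master_key: bytes, rec: dict) -> str:
    msg = "\x1f".join(rec[k] for k in FIELDS).encode()  # unit separator keeps fields distinct
    return hmac.new(master_key, msg, hashlib.sha256).hexdigest()


class Apparatus:
    def __init__(self, apparatus_id: str, master_key: bytes):
        self.apparatus_id, self.master_key = apparatus_id, master_key
        self.records = {}
        self.seq = 0

    def store_original(self, data: str) -> dict:
        # The data id is derived from the apparatus id, so the holder of the
        # original can be located from the data id alone.
        self.seq += 1
        rec = {"data_id": f"{self.apparatus_id}/{self.seq:06d}", "status": "original",
               "source": self.apparatus_id, "dest": self.apparatus_id,
               "history": self.apparatus_id, "data": data}
        rec["auth_info"] = mac(self.master_key, rec)
        self.records[rec["data_id"]] = rec
        return rec

    def send_copy(self, data_id: str, dest_id: str) -> dict:
        src = self.records[data_id]
        rec = dict(src, status="copy", source=self.apparatus_id, dest=dest_id,
                   history=src["history"] + ">" + dest_id)
        rec["auth_info"] = mac(self.master_key, rec)
        return rec

    def receive(self, rec: dict) -> bool:
        if not hmac.compare_digest(mac(self.master_key, rec), rec["auth_info"]):
            return False  # not produced under the authorized master key, or amended
        self.records[rec["data_id"]] = rec
        return True


def locate_original(data_id: str) -> str:
    return data_id.split("/")[0]


def demo() -> dict:
    authority = AuthorizationDevice()
    good_spec = {"tamper_evident_log": True, "secure_key_store": True, "key_bits": 256}
    x = Apparatus(*authority.authorize(good_spec))
    y = Apparatus(*authority.authorize(good_spec))
    rejected = authority.authorize({"tamper_evident_log": False, "secure_key_store": True,
                                    "key_bits": 128})
    orig = x.store_original("patient record 42 (constructed sample)")
    copy = x.send_copy(orig["data_id"], y.apparatus_id)
    impostor = Apparatus("EDS-9999", os.urandom(32))  # never authorized
    return {"rejected_spec": rejected is None,
            "copy_accepted": y.receive(copy),
            "copy_marked": y.records[orig["data_id"]]["status"] == "copy",
            "original_located": locate_original(copy["data_id"]) == x.apparatus_id,
            "impostor_cannot_verify": not impostor.receive(copy),
            "history": y.records[orig["data_id"]]["history"]}


if __name__ == "__main__":
    print(demo())
```

Because the status, source, destination and history fields are under the MAC, a copy cannot be relabelled as the original, nor its provenance rewritten, without the master key that only authorized apparatuses hold.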
In the method of storing electronic data according to the present invention, for example, authentication information for use in detecting the correctness of electronic data is generated for the electronic data stored in the electronic data storage apparatus. When the stored electronic data is output, the authentication information generated for the electronic data is added to it and output together with it.
Furthermore, in the method of storing electronic data according to the present invention, when electronic data with authentication information for use in detecting the correctness of the electronic data is input, the contents of the authentication information are verified, and the electronic data is stored only when no incorrectness of the electronic data is detected.
Additionally, in the method of storing electronic data according to the present invention, the electronic data storage apparatus stores electronic data after the authorization device for authorizing electronic data storage apparatuses determines that the specification of the apparatus which stores the electronic data meets the predetermined conditions. Thus, the method of storing electronic data according to the present invention guarantees the user the security and correctness of the electronic data.
The electronic data storage apparatus can also be realized using a program storage medium. That is, the electronic data storage apparatus according to the present invention can be realized by installing on, for example, a personal computer a program held on a storage medium, the program having the function of generating authentication information for use in checking the stored electronic data for the existence of an illegal amendment, and the function of outputting, when the stored electronic data is output, the authentication information generated for the electronic data together with the electronic data.
The electronic data storage apparatus according to the present invention can also be realized by installing on a personal computer, etc. a program held on a storage medium, the program having the function of verifying the contents of the authentication information when electronic data provided with authentication information for use in checking the existence of an illegal amendment is input, and the function of storing the electronic data only when no incorrectness of the electronic data is detected.